With much fanfare—and several months of delay after shifting engineers over to its iPhone effort—Apple shipped Mac OS X 10.5 “Leopard,” the latest version of its operating system for Macintosh computers. Now, four months later, the company has released Mac OS X 10.5.2, a substantial update to its “Leopard” operating system. Apple is recommending it for all users of Mac OS X 10.5 because of numerous stability enhancements and fixes, and many are categorizing 10.5.2 as the first “real” release of Leopard, smoothing some of the sharp corners that marred earlier releases and addressing a handful of the Apple faithful’s pet peeves.
Tag Archive: X Terminal
Mac OS X Safari Browser Exploit Discovered
A potentially severe security flaw has been uncovered in Apple’s Safari Web browser, which may enable attackers to execute arbitrary Unix shell scripts on a user’s machine simply by following a link on a Web site.
The exploit involves the way Mac OS X determines which program it should launch when opening files of a particular type. By renaming a Unix shell script to an extension Safari considers “safe,” omitting the script’s so-called “shebang line” (a command which specifies how the script should be executed), and compressing the script with the Zip archiving utility, Safari can be convinced to download the script, decompress it, assume the script is “safe,” then pass it off to the Mac OS X Terminal application for execution. An attacker could easily use such a script to delete a user’s home directory, damage the computer’s configuration, or obtain personal data.

